Tuesday, 30 October 2018
Owning a domain name is not just finding the right domain and ensuring the domain is renewed each year. It is a long-term commitment to protecting it from expiration and common poor practices like unauthorized transfers and hijacking. This post will go over some tips for keeping your domain safe and ensuring you are following all the requirement set by ICANN. It is also worth checking out the good practices for managing domain registrations and keeping them safe from harm as recommended by ICANN.

Keep domain contact information up-to-date and accurate

When registering a domain name the registrant is required to provide contact details to the registrar.
This information is then published in the WHOIS database, allowing registrants to be contacted for domain-associated technical or operational matters, or security concerns etc.

No matter if the registrant has their contact information displayed or hidden in Whois (due to active Whois privacy protection or for GDPR reasons), registrants should make sure that the information is accurate and up-to-date at all times.




Otherwise, registrants will not be able to get important notifications about their domain names regarding expiration, transfer or Whois contact update verification.

Also, if a domain has been compromised, the registrant would not be contacted by security researchers.

Potential business partners who want to establish a contact with the registrant, if a company, will not be able to get in touch with the registrant either.

According to the Whois Data Reminder policy of ICANN, accredited registrars are required to send annual email reminders to registrants regarding the accuracy of their contact information.



This email requires that registrants review their contact information and make corrections if necessary.

Ignoring this email may lead to really unpleasant consequences for the registrant including:
  • leaving their domain to expire, this may result in them having to spend lots of time, effort and expense to recover it, or it may not be recoverable at all;
  • missing notifications about unauthorized changes to a domain name registration and allowing bad actors to gain access to an account and hijack a domain name;

If a registrant’s contact information is not kept up-to-date or if the registrant does not respond to domain accuracy inquiries by their registrar, the given domain could be suspended or even cancelled as per ICANN’s Whois Accuracy Policy.

To prevent this from happening, a registrant should update their contact information promptly in the event of a change to the name, postal address, email, phone number, etc.

Each domain TLD has its own transfer rules

Each domain registrant has the right to transfer a domain name to another registrar or registrant, as outlined in the ICANN’s Transfer Policy.

To do that, they should keep in mind a few important ICANN rules, as follows:
  • A domain name cannot be transferred to a new registrar/registrant within 60 days of a change to the registrant or administrative contact information. This is why a registrant may consider completing the transfer process prior to making a change;
  • Usually, a domain name may not be transferred within the first 60 days of the initial registration of a domain name, or within 60 days of a transfer;
  • A domain transfer can only be initiated by the registered name holder or the administrative contact for the domain name. This aims to prevent unauthorized transfers of a registrant’s domain name. 

This is also the reason it’s important to keep domain contact information up-to-date.

Best practices for resolving a domain transfer issue

If a domain registrant experiences problems making a transfer, they could consider the following tips and suggestions on what might be the reason for the issue and how to resolve it.
1. There are a few instances when a registrar cannot transfer a domain name, such as:

  • The domain name is subject to a 60-day change-of-registrant lock, as explained earlier;
  • The transfer request has been initiated within 60 days of the initial registration or a previous transfer;
  • The domain is locked with the current registrar and in ‘Registrar Lock’ or ‘Client Transfer Prohibited’ status;
  • The domain is the subject of an ongoing Uniform Domain Name Dispute Resolution Policy (UDRP), Transfer Dispute Resolution Policy (TDRP) or Uniform Rapid Suspension (URS) proceeding;
  • The domain is subject to a court order;
2. Depending on the registration agreement a registrant has signed with their registrar, the latter may deny a transfer due to the following reasons:
  • evidence of fraud report;
  • the person who initiates the transfer is not actually listed as the registrant of record;
  • the registrant has an outstanding payment for a previous registration period;
While ICANN regulates domain transfers via their policies, it is not a registrar and does not engage in the transfer process itself.

For that reason, when having issues transferring a domain name the registrant should always contact their registrar for assistance.

If the issue persists, then the registrant can submit a formal Transfer Complaint with ICANN.

How to protect a domain name from cyber crime

Whether used for business or personal purposes, a domain name is a valuable asset, which should be managed with utmost care.

Here are some practices to help registrants prevent their domains from being hijacked or transferred against their will, as per ICANN’s recommendations:

1. Use an email address not associated with the domain name itself

When providing an email address for the Whois record at signup the registrant should use an email address that is not associated with the domain name they register.

For instance, if their domain name is example.com, it is best to use an address that is not user@example.com.

By maintaining a different email address for the Whois record the registrant will be able to prove ownership in any eventual cases of hijackers having gained control of their domain name.

They will be able to provide that email address as evidence to the registrar that they are the registered holder of the domain name in question before it was altered by unauthorized access to their account.

2. Create a strong password and enable 2FA

Domain owners bear full responsibility for the security of their domain name.
They should create a secure password for their domain name account and use it for that account exclusively.

At Thexyz you can enable two-factor authentication or YubiKey authentication to further secure an account.

Also, they should not share the login details with anyone, including their web designer.

3. Keep a domain name with a transfer lock on

Putting a transfer lock on a domain name is another safety measure a registrant can take against unauthorized transfers or hijacking.

Each registrar has adopted its own way of implementing the transfer lock option.

For instance, our customers can lock/unlock their domains themselves with a clock from the Account Portal, while some registrars will do that for the registrant per request.

4. Beware of incorrect registrant information (for organizations)

As per ICANN’s rules, if a legal entity is listed in the Registrant Organization field of the Whois record then that legal entity is considered the registrant of the domain name.

However, it’s common practice for organizations to have an employee register their domain name and not get the corresponding fields filled in correctly.

The employee may leave the Registrant Organization blank and would include their own name in the registrant name field which automatically turns them into the actual owner of the company’s domain.

This would allow a disgruntled employee to claim rights to the domain and attempt to transfer it away to claim ownership.

This is why organizations should make sure that their legal name is listed in the Registrant Organization field, and that a role-/department-based name is listed in the Registrant Name field.

5. Be careful about domain management roles (for organizations)

Organizations should not list website designers or any other third parties as the registrant(s) of their domain name.

If an organization decides to outsource the management of its domains to a third party it should still be listed as the registrant of the domain.

Otherwise, the third party may decide to transfer the domains away to a different registrar and deprive the organization, its customers, and business partners of use of the domain(s).

If a third party is listed as the domain’s administrative, technical or billing contact for the domain, the organization should take measures to establish a contractual relationship with the third party following a legal consultation.

According to ICANN, it is good practice to include provisions in the contract that concern the assignment of domain management tasks per the organization’s instructions, including transfer requests, domain renewals, name server records update, contact data or domain status update, etc.
Also, the organization should add provisions regarding the operational measures that the administrative and technical contacts should implement to protect their domain name(s) from DDoS attacks against the domain’s name servers or the unauthorized modification or addition of zone records, etc.

Those measures could include filing reports with the corresponding registrar or with law enforcement in the appropriate jurisdictions.

Finally, the agreement should also define the sanctions for situations in which the third party listed as administrative or technical contact violate their domain administration obligations.

What to do in the event of unauthorized domain transfer

If a domain has been transferred to a new registrar/registrant, the registrant should contact their registrar immediately.

If no actions are taken on time the given domain name may be transferred again and again, making it much harder to retrieve it.

The registrar should act in compliance with the ICANN’s Transfer Dispute Resolution Policy, which governs the transfer of domains and is designed to protect the registrant in such situations.

If the registrar is unable or unwilling to assist, then the registrant can submit an Unauthorized Transfer Complaint with ICANN, who will review the situation and assist in recovering your domain, should there be grounds for that.

Good domain management practices allow domain owners to have their online presence uninterrupted and prevent them from losing their domain names due to expiration or hijacking.
Following good practices is essential for companies, since this could help maintain a more secure business environment as well as a safer experience for their customers.

Companies are highly recommended by ICANN to periodically review their domain registrations and include domain name and overall DNS management within their risk management programs.

Here is a list of all ICANN resources that can help you learn more about good domain management practices:

About the Author

I'm Perry Toone, a British Software Developer with keen expertise in spam and fraud prevention.  You'll regularly find me talking about email privacy and best practices via my podcast.
Monday, 10 September 2018


Just last week, Verisign – the global leader in domain name and Internet security services, released its latest domain name industry report, which offers an up-to-date insight into the global TLD market trends.

The report covers the second quarter of 2018 and gives valuable information about the TLD performance on the domain market.

Check out the main domain name industry highlights from the report and see which types of domains are most popular at Thexyz.

What is the Verisign domain industry report?

The latest industry report from Verisign shows that the first half of 2018 closed with about 339.8 million domain name registrations across all TLD extensions worldwide.

This figure marks a 2% increase of domain registrations compared to the first quarter of 2018, which means that approximately 6 million more domain names were registered over a period of just 3 months!

This is quite a remarkable figure, bearing in mind that the number of domain registrations in the previous quarter period grew by only 1.4 million (0.4%) as compared to the fourth quarter of 2017.
In comparison to the figures from a year ago, domain name registrations mark a 2.4% spike, which translates into an increase by almost 8 million domain names.



In their latest report, Verisign presents a breakdown of the domain registrations by TLD, which gives a good idea of the most popular TLDs on the market:




As of June 30, 2018, the most popular gTLDs on the market are .COM, .NET, .ORG and .INFO as their base (a total of 165.4 million) represents 49% of all registrations worldwide.

.COM keeps being the front runner with the impressive 135.8 million registrations, which have grown by 5% since June 2017.

The other three gTLDs show a drop in registrations compared to last year, with .NET reaching a 7% decrease in numbers.
 
The total number of country-code (ccTLD) domain name registrations amounts to 149.7 million, which represents around 44% of all TLD registrations, as of June 30 2018.

This is an increase of approximately 5.5 million domain name registrations, or 3.8 percent, compared to the second quarter of 2017.

According to the Verisign’s report, the most popular ccTLD, as of June 30, 2018, is .CN with the stunning 22.7 million registrations, followed by .TK (a free ccTLD), .DE (Germany’s TLD), .UK
 and .RU.

The remainder of the Top 10 chart of ccTLDs is completed by the Netherlands’ .NL TLD, Brazil’s .BR TLD, the European Union’s .EU TLD, France’s .FR TLD and Italy’s .IT TLD.



The total reported amount of nTLDs at the end of the first half of 2018 was 21.8 million, a decrease of approximately 2.5 million domain name registrations, or 10.4 percent, compared to June 30, 2017.
According to the report, the most popular nTLDs are .TOP, .LOAN and .XYZ, followed by .CLUB and .ONLINE.

The report includes a chart, which shows that nTLD registrations represent 6.4% of all TLD registrations:



For more TLD stats, check out the latest issue of the Domain Name Industry Report.

What are the most popular TLD's at Thexyz?

Following up with the report of Verisign, we’ve made our own research into the TLD trends across Thexyz.

As of June 30, 2018, we’ve observed a 5% increase in the number of domain registrations compared to the volumes from a year ago.

  • gTLDs and ccTLDs have preserved steady increase rates year over year.
  • In contrast to the global nTLD trend, however, we’ve seen an increase in the number of new generic TLD registrations as well.
  • This is largely due to the increased number of nTLDs on our platform and also the various promo campaigns we’ve been running for some of the most attractive ones.
  • And of course, thanks to your continued support.
In the chart below, you can see the distribution of domain registrations in regards to TLD types as of June 30, 2018:



gTLDs still have a dominating presence in the chart and will most probably continue to do so for a long time in tune with the global trend.

It seems that regardless of the growing significance of the local factor (ccTLDs) and the increasing popularity of keyword based domains (nTLDs), .COM, .NET and .ORG will continue to be a top choice for the majority of new registrations across our platform and the market in general for years to come.

The chart listed below lists the most popular TLDs across our platform:


As in the Verisign report, the top 10 chart on our platform features the most popular gTLDs – .COM, .NET, .ORG and .INFO.

As for ccTLDs, the chart is a reflection of the markets where the majority of our customers operate in, namely the United Kingdom, Australia, United States, Canada and New Zealand.

It’s interesting to note that .CO – albeit a ccTLD, has entered into our top 10 chart thanks to its growing popularity as an alternative to .COM.

Even with all of the new domain extensions, catchy .COM alternatives and a variety of country-specific TLDs on the market today, .COM remains on top when it comes to domain industry trends.

Although .COM isn’t always the top choice for startups and small businesses today, it is still an important decision-taking factor. So it will likely remain on top thanks to it its universal recognition and long-standing history online.
Friday, 7 September 2018



In recent years, Swoole has taken over as the new best programming solution thanks to its scalability and the performance boosting capabilities it offers as a PHP extension.
Swoole represents an event-driven network communication framework for asynchronous and parallel PHP requests, which is aimed at scaling up the performance of web applications.
Based on the C language exclusively, Swoole allows PHP developers to write scalable applications for: Internet, mobile communication, cloud computing, online gaming, without the need to have an in-depth knowledge of non-blocking I/O programming.
Learn more about the Swoole framework and about how you can make use of it on our web hosting platform.

What is the Swoole framework about?

Swoole was introduced with one basic idea in mind - to provide efficiency to PHP programmers and give them more time to focus their efforts on more innovative products.
Swoole boasts built-in async, multi-threadеd I/O (input/output) modules, which distinguish it from the other async programming frameworks such as Nginx and Node.js.
This allows programmers to create network servers and to perform database and filesystem operations for the PHP language.
PHP developers can use either sync or async API to write the applications.
Here is a glimpse of the advantages of the Swoole framework:
  • 100% C-compiled, with extremely powerful performance;
  • Simple and easy to use, development-efficient;
  • Event-driven, non-blocking asynchronous processing;
  • Supports millions of concurrent TCP connections;
  • Supports asynchronous/synchronous/coroutine;
  • Supports multiprocessing/multi-threading;
  • CPU affinity/daemon process;
And here is a list of the key Swoole components, which make Swoole truly efficient for application development:
  • IPv4 / IPv6 / Unixsocket network support;
  • Async TCP/UDP server and client;
  • SSL / TLS support;
  • Async HTTP/ WebSocket client;
  • Database connection pooling;
  • Async MySQL client;
  • Async Redis client;
  • Fast Serializer / Unserializer;
  • Milliseconds task scheduler;
With this wide array of components, Swoole can be utilized by a number of applications for mobile communication, cloud computing, microservices, mobile games, and live chat systems, to name a few, which are normally within the capacity of C++ or Java developers.
Currently, Swoole is adopted by some of the greatest retail platforms like Alibaba and Baidu.

How does the Swoole framework work?

Swoole runs in CLI mode, which distinguishes it from the common PHP model.

 

Here are the key differences between Swoole and the traditional PHP model:
  • Swoole supports more server-side protocols;
  • Swoole supports long-live connections for websocket/TCP/UDP server;
  • Swoole creates additional worker processes so as to make use of all available CPU cores;
  • Swoole can manage and re-use the status in memory.

How to make use of Swoole on our platform?

The Swoole extension has been readily installed on our web hosting platform and you can enable it with a click for your projects.
In the PHP settings section of the Web Hosting Control Panel, just scroll down to the Swoole setting at the bottom of the table and click on the pertaining checkbox.

  
Note: The Swoole extension is currently supported by the PHP 7 version only, so make sure to switch to any of the supported PHP 7 releases first.

 

Once you have enabled Swoole for your hosting account, you will need to create an instance for your project from the Supervisor section.

In the Supervisor section, just click on the Create Instance button and then specify the path to the script you want to use Swoole for:


 

In our example, we are using a websocket server script:



Once the instance has been added, you will need to copy the port that has been generated for the instance:


and paste it into the script file as displayed below:


That’s it! Now you will be able to run a websocket server by using the Swoole network framework on at Thexyz. 

Subscribe by email

Enter your email address:

Subscribe to more feeds

Trending Posts

Blog Archive

Tags

News (66) Web Hosting (48) security (25) Email (19) webmail (19) Advertising (15) Tutorials (15) Thexyz Cloud (14) Video (4) resellers (2)